Description
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
Remediation
References
Related Vulnerabilities
WordPress Plugin Total Sales For Woocommerce Cross-Site Scripting (1.1)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3680)
WordPress Plugin Powerplay Gallery Multiple Vulnerabilities (3.3)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.4.17)